Advanced Persistent Threat (APT)

March 2025 Threat Intelligence Update: YARA, Snort Rules, and Emerging Ransomware Threats

Threat Intelligence

March 2025 Threat Intelligence Update: YARA, Snort Rules, and Emerging Ransomware Threats

Security teams worldwide must stay updated on the latest detection rules and emerging threats to defend against...

Critical Microsoft Exchange Vulnerability Exploited in Phishing Campaigns Targeting Russian Entities

Threat Intelligence

Critical Microsoft Exchange Vulnerability Exploited in Phishing Campaigns Targeting Russian Entities

Security researchers have identified active exploitation of a high-severity Microsoft Exchange vulnerability (CVE-2023-XXXX) in targeted phishing campaigns...

VanHelsing RaaS Emerges: Double Extortion, Multi-OS Targeting, and $5K Entry Fee

APT-News

VanHelsing RaaS Emerges: Double Extortion, Multi-OS Targeting, and $5K Entry Fee

A new ransomware-as-a-service (RaaS) operation dubbed “VanHelsing” has surfaced, targeting multiple operating systems and employing double extortion...

INTERPOL’s Global Cybercrime Crackdown: 306 Arrested, 1,842 Devices Seized

APT-News

INTERPOL’s Global Cybercrime Crackdown: 306 Arrested, 1,842 Devices Seized

In a coordinated international operation, INTERPOL has arrested 306 suspects and seized 1,842 electronic devices in a...

Hackers Exploit .NET MAUI to Deliver Fake Banking and Social Apps in India and China

APT-News

Hackers Exploit .NET MAUI to Deliver Fake Banking and Social Apps in India and China

Security researchers have identified a new campaign where threat actors are leveraging Microsoft’s .NET Multi-platform App UI...

Google TAG Q2 2023 Bulletin: State-Sponsored Influence Operations and Spam Networks

Threat Intelligence

Google TAG Q2 2023 Bulletin: State-Sponsored Influence Operations and Spam Networks

Google’s Threat Analysis Group (TAG) has released its Q2 2023 bulletin, providing critical insights into coordinated influence...

Google TAG Q2 2024 Report: State-Linked Influence Operations Targeted Across Platforms

Threat Intelligence

Google TAG Q2 2024 Report: State-Linked Influence Operations Targeted Across Platforms

Google’s Threat Analysis Group (TAG) has released its quarterly bulletin revealing the termination of thousands of accounts...

JPHP-Based Malware Evades Detection Using Java-PHP Hybrid Approach

Malware Analysis

JPHP-Based Malware Evades Detection Using Java-PHP Hybrid Approach

A newly discovered malware campaign is leveraging the JPHP interpreter – a PHP implementation running on the...

Ivanti VPN Zero-Day Exploits: Critical Vulnerabilities and Advanced Persistence Techniques

APT-News

Ivanti VPN Zero-Day Exploits: Critical Vulnerabilities and Advanced Persistence Techniques

Security teams worldwide are grappling with widespread exploitation of Ivanti Connect Secure VPN appliances, as researchers uncover...

Detecting and Mitigating CVE-2024-3400: Critical Zero-Day in Palo Alto GlobalProtect

CVE News

Detecting and Mitigating CVE-2024-3400: Critical Zero-Day in Palo Alto GlobalProtect

A critical zero-day vulnerability (CVE-2024-3400) in Palo Alto Networks’ PAN-OS GlobalProtect feature has been actively exploited since...

StormBamboo APT Targets ISPs to Poison Software Updates with Malware

APT-News

StormBamboo APT Targets ISPs to Poison Software Updates with Malware

A China-linked cyberespionage group known as StormBamboo (also tracked as Evasive Panda, Daggerfly, and Bronze Highland) has...

Russian APT28’s “Nearest Neighbor Attack”: Weaponizing Nearby Wi-Fi Networks for Covert Access

APT-News

Russian APT28’s “Nearest Neighbor Attack”: Weaponizing Nearby Wi-Fi Networks for Covert Access

In early 2022, Russian state-sponsored threat actor APT28 (also tracked as GruesomeLarch) deployed a novel attack vector...

XE Group’s Cybercrime Evolution: From Credit Card Skimming to Zero-Day Exploitation

APT-News

XE Group’s Cybercrime Evolution: From Credit Card Skimming to Zero-Day Exploitation

The XE Group, a cybercrime syndicate with suspected Vietnamese origins, has dramatically evolved its operations from traditional...

Trojan.MSIL.SUPERNOVA.A: Technical Analysis of the Windows Trojan Threat

Malware Analysis

Trojan.MSIL.SUPERNOVA.A: Technical Analysis of the Windows Trojan Threat

Trojan.MSIL.SUPERNOVA.A represents a significant Windows-based threat with high damage potential despite its currently limited distribution. First identified...

Trojan.Win64.COMBACKER.YABA-A: Analyzing the Persistent Low-Risk Threat to Windows Systems

News

Trojan.Win64.COMBACKER.YABA-A: Analyzing the Persistent Low-Risk Threat to Windows Systems

Trojan.Win64.COMBACKER.YABA-A represents a persistent though low-risk threat to Windows systems, first identified in January 2021 by Trend...

Trojan.Win64.HAFNIUM.A: Technical Analysis of the Microsoft Exchange Server Threat

Threat Intelligence

Trojan.Win64.HAFNIUM.A: Technical Analysis of the Microsoft Exchange Server Threat

The Trojan.Win64.HAFNIUM.A malware represents a sophisticated threat targeting Microsoft Exchange servers, initially attributed to the Chinese state-sponsored...

ASTROLOCKER Ransomware: Technical Analysis of a Mount Locker Affiliate Strain

Malware Analysis

ASTROLOCKER Ransomware: Technical Analysis of a Mount Locker Affiliate Strain

Ransom.Win32.ASTROLOCKER.A represents a lesser-known but technically sophisticated ransomware strain with potential ties to the Mount Locker operation....

RedLine Stealer Malware: Analyzing the MSIL.YXBDM Variant’s Data Theft Capabilities

Malware Analysis

RedLine Stealer Malware: Analyzing the MSIL.YXBDM Variant’s Data Theft Capabilities

TrojanSpy.MSIL.REDLINESTEALER.YXBDM represents a sophisticated information-stealing malware targeting Windows systems, first identified by Trend Micro researchers in April...

Ransom.Win64.CONTI.AA: Analyzing the Persistent Conti Ransomware Threat

Malware Analysis

Ransom.Win64.CONTI.AA: Analyzing the Persistent Conti Ransomware Threat

Ransom.Win64.CONTI.AA, a variant of the notorious Conti ransomware family, remains a significant threat to Windows systems despite...

Trojan.W97M.EMOTET.SMI: Analyzing the Persistent Emotet Threat Targeting Windows Systems

Malware Analysis

Trojan.W97M.EMOTET.SMI: Analyzing the Persistent Emotet Threat Targeting Windows Systems

Trojan.W97M.EMOTET.SMI is a variant of the notorious Emotet malware, primarily spread through malicious Microsoft Office documents. Despite...

Posts pagination

Previous 1 … 4 5 6 7 8 Next

Advanced Persistent Threat (APT)

March 2025 Threat Intelligence Update: YARA, Snort Rules, and Emerging Ransomware Threats

Critical Microsoft Exchange Vulnerability Exploited in Phishing Campaigns Targeting Russian Entities

VanHelsing RaaS Emerges: Double Extortion, Multi-OS Targeting, and $5K Entry Fee

INTERPOL’s Global Cybercrime Crackdown: 306 Arrested, 1,842 Devices Seized

Hackers Exploit .NET MAUI to Deliver Fake Banking and Social Apps in India and China

Google TAG Q2 2023 Bulletin: State-Sponsored Influence Operations and Spam Networks

Google TAG Q2 2024 Report: State-Linked Influence Operations Targeted Across Platforms

JPHP-Based Malware Evades Detection Using Java-PHP Hybrid Approach

Ivanti VPN Zero-Day Exploits: Critical Vulnerabilities and Advanced Persistence Techniques

Detecting and Mitigating CVE-2024-3400: Critical Zero-Day in Palo Alto GlobalProtect

StormBamboo APT Targets ISPs to Poison Software Updates with Malware

Russian APT28’s “Nearest Neighbor Attack”: Weaponizing Nearby Wi-Fi Networks for Covert Access

XE Group’s Cybercrime Evolution: From Credit Card Skimming to Zero-Day Exploitation

Trojan.MSIL.SUPERNOVA.A: Technical Analysis of the Windows Trojan Threat

Trojan.Win64.COMBACKER.YABA-A: Analyzing the Persistent Low-Risk Threat to Windows Systems

Trojan.Win64.HAFNIUM.A: Technical Analysis of the Microsoft Exchange Server Threat

ASTROLOCKER Ransomware: Technical Analysis of a Mount Locker Affiliate Strain

RedLine Stealer Malware: Analyzing the MSIL.YXBDM Variant’s Data Theft Capabilities

Ransom.Win64.CONTI.AA: Analyzing the Persistent Conti Ransomware Threat

Trojan.W97M.EMOTET.SMI: Analyzing the Persistent Emotet Threat Targeting Windows Systems

You may have missed

Russia’s Throttling of Cloudflare: Technical Impact and Security Implications

Livestreamed Child Exploitation: Technical and Legal Implications of a Disturbing Case

UNFI Cyberattack: Supply Chain Disruption and Recovery Analysis

Hawaiian Airlines Cyberattack: IT Systems Compromised, Flight Operations Unaffected